In addition, respondents listed database monitoring and security information and event management (SIEM) as their top priorities because of the increase in advanced persistent threats, according to a survey of 438 IT decision makers, consultants, and security analysts working for companies in the US, UK, Australia, New Zealand, Brazil, Canada, France, Germany, and Singapore.
The survey found that most organizations rely on legacy SIEM systems that do not meet their current needs. Approximately 40% of organizations are planning to implement or update a SIEM product.
While 80% of respondents cited visibility as very important, security teams remained challenged in this area. Discovering threats was listed as the top challenge to managing enterprise risk.
“That ties into why SIEM is so critical for enterprises to make sure they have that visibility”, said Eric Schou, group product marketing manager at McAfee. “There is a craving for visibility within the enterprises”, he observed.
“Enterprises are looking at database security a lot differently than they did a few years ago…. You are seeing a real prioritization of database security in general, whether that is vulnerability scanning or activity monitoring”, Schou told Infosecurity.
Similar to the 2011 survey, there is a positive trend in security budgets for 2012 with 96% of the organizations indicating the same level or more expenditure on risk and compliance.
Software and appliances are the top choices for risk and compliance products. On average, one-third of all organizations prioritized the upgrade/implementation of unique risk and compliance products to address vulnerability assessment, patch management, remediation, governance, risk management, and compliance, the survey found.
Nearly 40% of organizations claim to be moving toward hosted security-as-a-service (SaaS) and virtualization deployment models in 2012.
Patch management frequency is a challenge, with almost half of the organizations patching on a monthly basis and one-third doing it on a weekly basis. Not all companies are able to pinpoint threats or vulnerabilities; as a result, 43% indicate that they overprotect and patch everything they can.
“While progress has been made on patching, there is still a lot of work to be done…. A lot of database guys don’t want the database configuration touched. So they patch on an infrequent basis”, said Schou.